It’s no surprise that networks are vulnerable to malware, phishing, and other forms of cybercrime. But even with secure systems in place, any company with valuable data is susceptible to attacks from elite hackers on a daily basis. Thus, cybersecurity specialists have an important job to do as a company’s first line of defense against unauthorized access from the outside and potential security threats.
What does a cybersecurity specialist do? Going by what television shows us, we might imagine a behind-the-scenes genius who saves an entire nation from a cybercrime-induced explosion with just seconds to spare. While cybersecurity specialists and engineers in the real world do respond to hackers in real-time — albeit not quite as dramatically as on television — this constitutes only part of their role. Let’s take a deeper look at this line of work and its implications for organizations.
Who is a Cybersecurity Specialist?
Before we dive into the specifics of this role, let’s first talk about the cybersecurity field itself. Just as physical security measures (such as home alarms, video cameras, and security guards) serve to prevent attacks and, in the worst case, provide clues to who committed a crime, cybersecurity employs analogous measures in cyberspace.
In a time when cybercrime is on the rise, people and companies need their privacy protected. Cybersecurity engineers design and implement computer systems to deal with invasions of privacy and similar disruptions. From screening security software to monitoring networks for security breaches or intrusions, cybersecurity specialists protect their company from intruders.
What measures can be taken to secure a company’s assets? Preventative measures make up much of this field; by identifying threats and vulnerabilities early on, cybersecurity specialists can often forestall security threats. Another aspect of maintaining virtual security involves assessing software for vulnerabilities and recommending enhancements based on their findings.
In the modern era, most large companies employ a team of cybersecurity engineers or, in many cases, an external consultancy specializing in IT security. For example, companies like NCC Group and McAfee fortify their clients’ cyber-resiliency with their suites of security solutions.
Now, what might a workday look like for a cybersecurity specialist?
A Day in the Life of a Cybersecurity Specialist
As with most work in high-risk environments, no two days are the same for cybersecurity specialists. If a security breach has recently taken place, their daily activities will differ sharply from, say, the intensive research that would be the order of the day had a new security law for the locality just been passed. Now let’s take a glimpse into the life of a hypothetical cybersecurity specialist — we’ll call her Barbara and say that she works for a space agency with highly classified missions.
After arriving in the office, Barbara spends the morning performing penetration tests and scans using industry-standard analysis. Seeking vulnerabilities in the organization’s network and systems, she documents her findings, which will inform the written reports that she eventually submits to management. Those reports will include recommendations for enhancements in legal, technical, and regulatory areas.
Barbara spends the latter part of the morning reviewing the network configuration and tracking known security issues — crucial steps for maintaining the safety of the organization’s infrastructure and existing data.
After lunch, Barbara meets with software engineers to develop advanced solutions for defense against hacking, malware, and insider threats to one of the company’s new initiatives. She analyzes their latest application code and reviews the early stages of their documentation. They discuss some new firewall software they’re considering switching to and size up a few promising encryption programs.
All the while, Barbara’s spending time designing, implementing, maintaining, and overseeing company security measures, as well as making sure the software engineers are informed of the decisions she’s making. And of course, she monitors the networks and systems to find irregular system behavior or security breaches, which take precedence over anything else.
This afternoon, Barbara notices an unusual spike in network traffic, indicating an attempted denial-of-service attack. On another day, it might be an increase in failed authentications tipping her off that a hacker is attempting to get through — but because there are many ways a cyberattack can occur, she stays well-versed in what to look out for.
Today, Barbara leads the incident response in stopping the attack. In the coming days, she will lead investigations into what led to this attack and troubleshoot all network and security issues and incidents.
During her stint with the company, she has shown the software engineers she works with how to write secure programs. Since the company’s non-technical team members also need to know how to protect company assets, she leads workshops and cybersecurity training for employees on topics like data loss mitigation and other security best practices. And in the last hour of this particular day, she trains her coworkers on password complexity.
The Skillset of a Cybersecurity Specialist
Now let’s survey the core skill set of a cybersecurity specialist. While language-specific variants of these skills can often be learned on the job, those interested in the field should first be able to show considerable experience across all these areas.
A cybersecurity specialist must be able to architect systems that protect against attackers — a skill that typically involves reverse engineering. Also crucial is familiarity with the languages specific to the company’s software stack, often including Java, C/C++, Go, Rust, Ruby, and Python, just to name a few.
It’s not enough for a cybersecurity specialist to simply know these languages well enough to review code written by other engineers — they must be able to dynamically apply them in various situations. Part of the job involves creating new ways to solve existing production security issues, developing automation scripts to handle and track incidents, and using software that helps with notification of intrusions. All of these skills require a solid foundation in programming.
Most cybersecurity specialists are well-versed in Windows and Linux, especially the Ubuntu and Debian distributions in the latter case. Others work in specialized environments: AIX, Solaris, FreeBSD, and macOS, among others. A competent security specialist can easily find their way in either Linux or Windows (ideally both) and usually has a working knowledge of some of the more niche systems.
Cybersecurity specialists must consider a variety of policy categories when devising company standards and practices. A familiarity with risk-assessment policies ensures that a specialist can not only assess risks, but can also steer clear of them. Following safety policies ensures that the specialist can maintain the security of the company and its employees. Industry-specific policies determine guidelines for managing data in certain business sectors, so it’s crucial that cybersecurity specialists understand these as well.
Not only does a cybersecurity specialist stay current on policies, but they are usually involved in developing a set of standards and practices for their own company, which means they must be sufficiently conversant with general policies to effectively inform internal company policy.
Data security and privacy
In addition to their policy competency, a cybersecurity specialist must also stay current on laws governing data and privacy. For example, the General Data Protection Regulation regulates data protection within the EU and data transfer to outside regions, and the California Consumer Privacy Act strengthens privacy rights and consumer protection for residents of the state.
Other laws relating to data protection include the Electronic Communications Privacy Act, the Cyber Intelligence Sharing and Protection Act (CISPA), and HIPAA. A cybersecurity expert must be confident enough with the ins and outs of these laws to help a company conform to them.
The role of a cybersecurity specialist is a dynamic one, ideal for those who thrive on challenge, enjoy a fast-paced environment, and find the idea of protecting a company inspiring.
If this sounds like an interesting career option, we suggest checking out Udacity’s Introduction to Cybersecurity Course. This intermediate course equips you with the fundamental knowledge to start securing your networks, building cloud infrastructure, and working with Linux — essential for entering the profession, and valuable if you’re interested in protecting your own computing environment.